CISA Adds Sitecore, Linux Kernel, and TP-Link Flaws to KEV Catalog


The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog, flagging new security threats that are actively being exploited in the wild. The latest additions spotlight critical flaws affecting Sitecore, the Linux kernel, and popular TP-Link routers—reminding businesses and users that timely patch management is no longer just best practice, but an operational necessity.

Spotlight on the New KEV Additions

Sitecore (CVE-2025-53690)

  • Flaw: Deserialization of untrusted data could lead to code injection in Sitecore Experience Manager and Platform up to v9.0.
  • Risks: Remote code execution, system compromise.
  • Remediation Deadline: September 25, 2025 (federal mandate).

Linux Kernel (CVE-2025-38352)

  • Flaw: A TOCTOU (Time-of-check, time-of-use) race condition in the kernel may allow privilege escalation or denial-of-service attacks.
  • Risks: Exploitation for lateral movement or downtime in multi-user environments.
  • Remediation Deadline: September 25, 2025.

TP-Link Routers (CVE-2023-50224, CVE-2025-9377)

  • Flaws:
      • Authentication bypass in TL-WR841N routers, exposing credentials.
      • OS command injection leading to remote code execution in Archer C7(EU) and TL-WR841N models.
  • Risks: Attackers can hijack home and business networks, escalate attacks to other devices, and evade detection.
  • Remediation Deadline: September 24, 2025.
  • Note: Affected hardware is at end-of-life—manufacturers advise replacing devices if patches are unavailable.

Why These Additions Matter

These vulnerabilities aren’t speculative—they’ve been weaponized by threat actors in the real world. Any organization running impacted software or hardware should treat remediation as urgent. Delays in patching expose environments to ransomware, data breaches, and network sabotage.

CISA emphasizes:

  • Immediate patching or system upgrades.
  • For end-of-life hardware (like older TP-Link routers), plan for replacement.

Next Steps for Security Teams

  • Review the KEV catalog entries.
  • Prioritize patching and remediation for listed vulnerabilities.
  • Audit asset inventories for Sitecore, Linux kernel deployments, and legacy TP-Link hardware.
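
The three steps above can be scripted. The sketch below is an added example, not CISA tooling or code from this article: it matches an asset inventory against KEV entries and orders the findings by remediation deadline, marking end-of-life assets for replacement instead of patching. It assumes the field names of CISA's KEV JSON feed (cveID, vendorProject, product, dueDate); the product strings, hostnames and the end_of_life flag are constructed for the demonstration.

```python
from datetime import date

# Constructed sample records using the field names of CISA's KEV JSON feed
# (cveID, vendorProject, product, dueDate). CVE IDs and deadlines are the
# ones quoted in the article; product strings are simplified for the demo.
KEV_ENTRIES = [
    {"cveID": "CVE-2025-53690", "vendorProject": "Sitecore",
     "product": "Experience Manager", "dueDate": "2025-09-25"},
    {"cveID": "CVE-2025-38352", "vendorProject": "Linux",
     "product": "Kernel", "dueDate": "2025-09-25"},
    {"cveID": "CVE-2023-50224", "vendorProject": "TP-Link",
     "product": "TL-WR841N", "dueDate": "2025-09-24"},
    {"cveID": "CVE-2025-9377", "vendorProject": "TP-Link",
     "product": "Archer C7(EU) and TL-WR841N", "dueDate": "2025-09-24"},
]

# Hypothetical asset inventory; hostnames and the end_of_life flag are invented.
INVENTORY = [
    {"host": "cms-prod-01", "vendor": "Sitecore", "product": "Experience Manager", "end_of_life": False},
    {"host": "build-runner-7", "vendor": "Linux", "product": "Kernel", "end_of_life": False},
    {"host": "branch-rtr-3", "vendor": "TP-Link", "product": "TL-WR841N", "end_of_life": True},
    {"host": "mail-gw-02", "vendor": "Postfix", "product": "Postfix", "end_of_life": False},
]

def triage(inventory, kev_entries, today):
    """Return one finding per (asset, KEV entry) match, earliest deadline first."""
    findings = []
    for asset in inventory:
        for entry in kev_entries:
            same_vendor = asset["vendor"].lower() == entry["vendorProject"].lower()
            # Substring match because one KEV entry can name several models.
            same_product = asset["product"].lower() in entry["product"].lower()
            if not (same_vendor and same_product):
                continue
            due = date.fromisoformat(entry["dueDate"])
            findings.append({
                "host": asset["host"], "cve": entry["cveID"], "due": due,
                "days_left": (due - today).days,  # negative means overdue
                "action": "replace" if asset["end_of_life"] else "patch",
            })
    # Ties on the deadline are broken by host and CVE for stable output.
    return sorted(findings, key=lambda f: (f["due"], f["host"], f["cve"]))

if __name__ == "__main__":
    for f in triage(INVENTORY, KEV_ENTRIES, date(2025, 9, 20)):
        print(f"{f['due']} ({f['days_left']:+d}d) {f['host']:<15} {f['cve']:<15} {f['action']}")
```

Exact vendor and substring product matching is deliberately simple; a production inventory would normally match on CPE or package identifiers and installed versions.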

Final Thoughts

CISA’s KEV updates are the pulse of active cyber risk. The latest additions underscore a widening attack surface across both enterprise and consumer technologies. Prompt action is the only way to move from reactive defense to a proactive security posture.
